CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-67039

An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.2%

CVSS Severity

CVSS v3 Score 9.1

References

http://eds3000ps.com
http://lantronix.com
https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02

Products affected by CVE-2025-67039

Lantronix » Eds3008ps1ns » Version: N/A

cpe:2.3:h:lantronix:eds3008ps1ns:-
Lantronix » Eds3016ps1ns » Version: N/A

cpe:2.3:h:lantronix:eds3016ps1ns:-
Lantronix » Eds3008ps1ns Firmware » Version: 3.1.0.0

cpe:2.3:o:lantronix:eds3008ps1ns_firmware:3.1.0.0
Lantronix » Eds3016ps1ns Firmware » Version: 3.1.0.0

cpe:2.3:o:lantronix:eds3016ps1ns_firmware:3.1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-67039

Products

Pricing

Contact Us